Yahoo on Tuesday revealed that its 2013 security breach impacted all 3 billion accounts on its service, three times the number confirmed by the company last December. Hackers accessed users' names, phone numbers, email addresses, birthdates, and security questions and answers.

The additional victims were discovered in June, following Verizon's acquisition of Yahoo. The stolen data didn't include passwords, payment card info or bank account numbers.

It's been a rough year for the Sunnyvale-based web services provider, which will turn 24 in January.

"The bigger and more successful a company is, the more appealing it becomes to hackers," Itay Glick, CEO of Votiro, tells us Wednesday. "Large companies should place a great deal of emphasis on the security mechanism they use and understand they are a very attractive target."

Earlier this year, Yahoo announced its third breach in less than six months - 32 million users' accounts were affected from 2015 to 2016. The news came just months after it divulged the 2013 incident, and a similar attack reported last September targeted 500 million users in 2014.

Yahoo's annual SEC filing in March claimed its security team and senior executives allegedly failed to thoroughly investigate its 2014 breach. While the company implemented new security measures and alerted 26 victims, an in-depth examination was never conducted.

CEO Marissa Mayer said she would forgo her annual bonus and yearly equity grant following the announcement.